// Copyright 2025 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
// Code generated by sidekick. DO NOT EDIT.
#![allow(rustdoc::redundant_explicit_links)]
#![allow(rustdoc::broken_intra_doc_links)]

/// Implements a client for the Container Analysis API.
///
/// # Example
/// ```
/// # tokio_test::block_on(async {
/// # use google_cloud_containeranalysis_v1::client::ContainerAnalysis;
/// let client = ContainerAnalysis::builder().build().await?;
/// // use `client` to make requests to the Container Analysis API.
/// # gax::client_builder::Result::<()>::Ok(()) });
/// ```
///
/// # Service Description
///
/// Retrieves analysis results of Cloud components such as Docker container
/// images. The Container Analysis API is an implementation of the
/// [Grafeas](https://grafeas.io) API.
///
/// Analysis results are stored as a series of occurrences. An `Occurrence`
/// contains information about a specific analysis instance on a resource. An
/// occurrence refers to a `Note`. A note contains details describing the
/// analysis and is generally stored in a separate project, called a `Provider`.
/// Multiple occurrences can refer to the same note.
///
/// For example, an SSL vulnerability could affect multiple images. In this case,
/// there would be one note for the vulnerability and an occurrence for each
/// image with the vulnerability referring to that note.
///
/// # Configuration
///
/// To configure `ContainerAnalysis` use the `with_*` methods in the type returned
/// by [builder()][ContainerAnalysis::builder]. The default configuration should
/// work for most applications. Common configuration changes include
///
/// * [with_endpoint()]: by default this client uses the global default endpoint
///   (`https://containeranalysis.googleapis.com`). Applications using regional
///   endpoints or running in restricted networks (e.g. a network configured
//    with [Private Google Access with VPC Service Controls]) may want to
///   override this default.
/// * [with_credentials()]: by default this client uses
///   [Application Default Credentials]. Applications using custom
///   authentication may need to override this default.
///
/// [with_endpoint()]: super::builder::container_analysis::ClientBuilder::with_endpoint
/// [with_credentials()]: super::builder::container_analysis::ClientBuilder::credentials
/// [Private Google Access with VPC Service Controls]: https://cloud.google.com/vpc-service-controls/docs/private-connectivity
/// [Application Default Credentials]: https://cloud.google.com/docs/authentication#adc
///
/// # Pooling and Cloning
///
/// `ContainerAnalysis` holds a connection pool internally, it is advised to
/// create one and the reuse it.  You do not need to wrap `ContainerAnalysis` in
/// an [Rc](std::rc::Rc) or [Arc](std::sync::Arc) to reuse it, because it
/// already uses an `Arc` internally.
#[derive(Clone, Debug)]
pub struct ContainerAnalysis {
    inner: std::sync::Arc<dyn super::stub::dynamic::ContainerAnalysis>,
}

impl ContainerAnalysis {
    /// Returns a builder for [ContainerAnalysis].
    ///
    /// ```
    /// # tokio_test::block_on(async {
    /// # use google_cloud_containeranalysis_v1::client::ContainerAnalysis;
    /// let client = ContainerAnalysis::builder().build().await?;
    /// # gax::client_builder::Result::<()>::Ok(()) });
    /// ```
    pub fn builder() -> super::builder::container_analysis::ClientBuilder {
        gax::client_builder::internal::new_builder(
            super::builder::container_analysis::client::Factory,
        )
    }

    /// Creates a new client from the provided stub.
    ///
    /// The most common case for calling this function is in tests mocking the
    /// client's behavior.
    pub fn from_stub<T>(stub: T) -> Self
    where
        T: super::stub::ContainerAnalysis + 'static,
    {
        Self {
            inner: std::sync::Arc::new(stub),
        }
    }

    pub(crate) async fn new(
        config: gaxi::options::ClientConfig,
    ) -> gax::client_builder::Result<Self> {
        let inner = Self::build_inner(config).await?;
        Ok(Self { inner })
    }

    async fn build_inner(
        conf: gaxi::options::ClientConfig,
    ) -> gax::client_builder::Result<std::sync::Arc<dyn super::stub::dynamic::ContainerAnalysis>>
    {
        if gaxi::options::tracing_enabled(&conf) {
            return Ok(std::sync::Arc::new(Self::build_with_tracing(conf).await?));
        }
        Ok(std::sync::Arc::new(Self::build_transport(conf).await?))
    }

    async fn build_transport(
        conf: gaxi::options::ClientConfig,
    ) -> gax::client_builder::Result<impl super::stub::ContainerAnalysis> {
        super::transport::ContainerAnalysis::new(conf).await
    }

    async fn build_with_tracing(
        conf: gaxi::options::ClientConfig,
    ) -> gax::client_builder::Result<impl super::stub::ContainerAnalysis> {
        Self::build_transport(conf)
            .await
            .map(super::tracing::ContainerAnalysis::new)
    }

    /// Sets the access control policy on the specified note or occurrence.
    /// Requires `containeranalysis.notes.setIamPolicy` or
    /// `containeranalysis.occurrences.setIamPolicy` permission if the resource is
    /// a note or an occurrence, respectively.
    ///
    /// The resource takes the format `projects/[PROJECT_ID]/notes/[NOTE_ID]` for
    /// notes and `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for
    /// occurrences.
    pub fn set_iam_policy(&self) -> super::builder::container_analysis::SetIamPolicy {
        super::builder::container_analysis::SetIamPolicy::new(self.inner.clone())
    }

    /// Gets the access control policy for a note or an occurrence resource.
    /// Requires `containeranalysis.notes.setIamPolicy` or
    /// `containeranalysis.occurrences.setIamPolicy` permission if the resource is
    /// a note or occurrence, respectively.
    ///
    /// The resource takes the format `projects/[PROJECT_ID]/notes/[NOTE_ID]` for
    /// notes and `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for
    /// occurrences.
    pub fn get_iam_policy(&self) -> super::builder::container_analysis::GetIamPolicy {
        super::builder::container_analysis::GetIamPolicy::new(self.inner.clone())
    }

    /// Returns the permissions that a caller has on the specified note or
    /// occurrence. Requires list permission on the project (for example,
    /// `containeranalysis.notes.list`).
    ///
    /// The resource takes the format `projects/[PROJECT_ID]/notes/[NOTE_ID]` for
    /// notes and `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for
    /// occurrences.
    pub fn test_iam_permissions(&self) -> super::builder::container_analysis::TestIamPermissions {
        super::builder::container_analysis::TestIamPermissions::new(self.inner.clone())
    }

    /// Gets a summary of the number and severity of occurrences.
    pub fn get_vulnerability_occurrences_summary(
        &self,
    ) -> super::builder::container_analysis::GetVulnerabilityOccurrencesSummary {
        super::builder::container_analysis::GetVulnerabilityOccurrencesSummary::new(
            self.inner.clone(),
        )
    }

    /// Generates an SBOM for the given resource.
    pub fn export_sbom(&self) -> super::builder::container_analysis::ExportSBOM {
        super::builder::container_analysis::ExportSBOM::new(self.inner.clone())
    }
}
